News

Vulnerability-Lookup 5.2.0 released

We are pleased to announce the release of Vulnerability-Lookup 5.2.0! This release centers on a broad interface redesign — a refreshed home page built around a hero search and a tabbed dashboard, with the shared card design language now rolled out across the rest of the application. Alongside it come new change-aware browse API endpoints that let clients poll only what actually changed, a modernized KEV catalogs experience with aggregated feeds, and a confidential notes field for vulnerability disclosures.

Read more →

June 19, 2026

KEV Catalog Coverage in Vulnerability-Lookup

Vulnerability-Lookup can explore several Known Exploited Vulnerabilities (KEV) catalogs side by side — the local catalog of your instance as well as external ones such as CISA KEV, EUVD KEV and CIRCL KEV, all conforming to the GCVE BCP-07 standard. Until now you could browse each catalog on its own, but there was no easy way to compare them. The KEV catalogs page now features a Catalog Coverage matrix that does exactly that.

Read more →

June 16, 2026

Vulnerability-Lookup 5.1.0 released

We are pleased to announce the release of Vulnerability-Lookup 5.1.0! The highlight of this release is the new CNA Publication Service, which lets vulnerabilities from your local source be published to the official CVE API as part of the Coordinated Vulnerability Disclosure (CVD) process. It also brings a new exploited-CVE ratio statistic, CSAF advisories in full-text search, further UI harmonization, and important reindexing and feeder fixes. A special thank you to Niclas Dauster for the substantial contribution behind the CNA Publication Service (#416).

Read more →

June 11, 2026

Vulnerability Report - May 2026

Introduction: This vulnerability report has been generated with the help of AI, using the VulnMCP tooling on top of Vulnerability-Lookup, with contributions from the platform’s community.

Read more →

June 3, 2026

Vulnerability-Lookup 5.0.0 released

We are thrilled to announce the release of Vulnerability-Lookup 5.0.0! This major release centers on a new CNA-interoperable API for managing the vulnerabilities of your local source, together with deep Vulnogram integration, a continued UI refresh, and a long list of stability and correctness fixes. A special thank you to Niclas Dauster for the substantial contribution behind the new CNA-interoperable API (#398). What’s New: CNA- and GNA-Compatible Vulnerability Management. Vulnerabilities in your local instance can now be managed in a CNA-interoperable way through a dedicated API.

Read more →

May 29, 2026

Vulnerability-Lookup 4.6.0 released

We are excited to announce the release of Vulnerability-Lookup 4.6.0! This version brings more transparency, new data sources, API improvements, notable UI enhancements, and several performance and stability fixes. What’s New: VLAI model transparency. The VLAI badge popover now surfaces the exact model name and revision used for a given analysis, with direct links to the HuggingFace model card and the revision commit. This is particularly useful as we regularly update our AI models and publish new versions on HuggingFace, making it easy to track exactly which model version produced a given result.

Read more →

May 21, 2026

Vulnerability Report for the year 2025

This report was generated with the help of AI, leveraging the VulnMCP Model Context Protocol server connected to Vulnerability-Lookup. The underlying data was aggregated from the twelve monthly reports published throughout 2025 and from the live Vulnerability-Lookup API. Introduction: The 2025 threat landscape was characterised by sustained pressure on enterprise infrastructure, edge devices, and developer tooling. Attackers continued to weaponise newly disclosed vulnerabilities within hours of publication, while a long tail of unpatched legacy IoT and edge devices (D-Link, Zyxel, DASAN, Huawei, Realtek, Netgear) kept generating massive exploitation noise. Several flagship incidents shaped the year: the SAP NetWeaver Visual Composer zero-day exploitation in April, the SharePoint “ToolShell” campaign in July, the NetScaler “CitrixBleed 2” saga from June onward, the Oracle E-Business Suite exploitation tied to the Cl0p activity in October, the critical WSUS vulnerability (CVE-2025-59287) in October-November, the FortiWeb authentication bypasses in November, and the dramatic React Server Components (“React2Shell”) surge in December.

Read more →

May 11, 2026

Vulnerability Report - April 2026

Introduction: This vulnerability report has been generated with the help of AI, using the VulnMCP tooling on top of Vulnerability-Lookup, with contributions from the platform’s community.

Read more →

May 4, 2026

Vulnerability-Lookup 4.5.0 released

We are pleased to announce the release of Vulnerability-Lookup 4.5.0! This release strengthens Vulnerability-Lookup on both data collection and analysis. We now ingest sightings from Telegram channels, with roughly 200,000 Telegram sightings collected so far. Each vulnerability page also gains new interactive visualisations: sighting type repartition, source repartition, and an experimental adaptive forecast based on the TARDISSight prototype. TARDISSight was presented last week in Munich during the FIRST CTI Conference, and the related paper is available on arXiv.

Read more →

April 30, 2026

CIRCL AI approach at the International Committee of the Red Cross (ICRC)

On April 28, 2026, we had the opportunity to present the CIRCL AI approach at the International Committee of the Red Cross (ICRC). The session took place in Luxembourg, with remote participation from the Delegation for Cyberspace at the Global Cyber Hub in Geneva. The objective of this event was practical: show how AI can be used as an operational capability in vulnerability intelligence, not just as a research topic. We focused on production workflows that help analysts deliver faster, more consistent, and more actionable results.

Read more →

April 29, 2026